General

  • Target

    tmpzfzg15k4

  • Size

    288KB

  • Sample

    230601-pzxjfaec69

  • MD5

    279968ab788fe37045d7d55d1c7594d9

  • SHA1

    d1561d0fe8f6ec741beb38753f5a6a9a0670a6eb

  • SHA256

    e5462cb7be5124278c7afad2983341ae1df646d1407e5044567ca84db035f8a3

  • SHA512

    59281e600dcdb2ef75d319842c28e5f715a2ed9a9bbd84ae1e0d8f4165169612c581d458089b63e67541222057931acb6700ef2553bf235e1516c888e95261c4

  • SSDEEP

    6144:JYa6pyfemzTStrLuxFl9QZjrYtyh7aYPGPqZWEzZcx6Zp:JYLyWMWtrLufHYjctaa7PqVZVD

Score
7/10

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Loads dropped DLL

    • Suspicious use of SetThreadContext
